package Filter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
@WebFilter(urlPatterns = {"/success.jsp", "/otherProtectedPages.jsp"},
        filterName = "TimeOutFilter")

public class TimeOutFilter extends HttpFilter {
    @Override
    protected void doFilter(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpSession session = request.getSession();
        String servletPath = request.getServletPath();
        Object username = session.getAttribute("username");
//          session中没有数据了，说明session已经过期了，当前的session是一个新的session
        if (username != null ||
                "/login.jsp".equals(servletPath) ||
                "/process.jsp".equals(servletPath)) {
            chain.doFilter(request, response);
        } else {
            response.sendRedirect(request.getContextPath() + "/login.jsp");
        }
    }
}
